{% block content %}
{% load static %}
<!doctype html>
<html>
  <head>
    <meta charset="utf-8">
    <title>MobSF Static Analysis Report</title>
    <meta name="description" content="MobSF Report">
    {% if host_os == 'windows' %}
        <link href='https://fonts.googleapis.com/css?family=Open+Sans' rel='stylesheet' type='text/css'>
        <link href='https://fonts.googleapis.com/css?family=Oswald' rel='stylesheet' type='text/css'>
    {% else %}
    <style>
    
      /* latin */
      @font-face {
        font-family: 'Open Sans';
        font-style: normal;
        font-weight: 400;
        font-display: swap;
        src: local('Open Sans Regular'), local('OpenSans-Regular'), url('{{base_url}}{% static 'fonts/Open_Sans/OpenSans-Regular.ttf' %}') format('truetype');
      }

      /* latin */
      @font-face {
        font-family: 'Oswald';
        font-style: normal;
        font-weight: 400;
        font-display: swap;
        src: local('Oswald'), local('Oswald'), url('{{base_url}}{% static 'fonts/Oswald/Oswald-Regular.ttf' %}') format('truetype');
      }
     
  </style>
  {% endif %}
  <link rel="stylesheet" href="{{base_url}}{% static "others/css/pdf_report.css" %}">
  <link rel="stylesheet" href="{{base_url}}{% static "adminlte/plugins/fontawesome-free/css/all.min.css" %}">
</head>

  <body bgcolor="FFFFFF">
    <article id="cover">
      <div class="header">
        <img src="{{base_url}}{% static "img/mobsf_logo.png" %}" class="center logo" alt="MobSF Logo"/>
        <div class="htext">IOS STATIC ANALYSIS REPORT </div>
      </div>
      </br></br></br>
      
     <div class="app">
      {% if app_type not in 'Dylib,A' %}
      <img class="center" id="icon" src="{% if not appstore_details.error %}{{appstore_details.icon}}{% elif icon_path %}{{dwd_dir}}{{ icon_path }}{% else %}{{base_url}}{% static 'img/no_icon.png' %}{% endif %}" alt="app_icon"/>
      {% else %}
      <img class="center" id="icon" src="{{base_url}}{% static 'img/no_icon.png' %}" alt="app_icon"/>
      {% endif %}
    </div>
      <div class="center">
        <h1><i class="fab fa-apple"></i> {{ app_name }} {% if app_version %} ({{app_version}}) {% endif %}</h1>
      </div>
     </br></br></br></br></br>
      <div class="container">
      <table class="basic no_border">
      <tr class="no_border">
        <td class="no_border"><h3>File Name:</h3></td>
        <td class="no_border"><h3>{{file_name}}</h3></td>
      </tr>
      <tr>
        <td class="no_border"><h3>Identifier:</h3></td>
        <td class="no_border"><h3>{{ bundle_id }}</h3></td>
      </tr>
      <tr>
        <td class="no_border"><h3>Scan Date:</h3></td>
        <td class="no_border"><h3>{{ timestamp }}</h3></td>
      </tr>
    {% if app_type not in 'Dylib,A' %}
      {% if average_cvss %}
      <tr>
        <td class="no_border"><h3>Average CVSS Score:</h3></td>
        <td class="no_border"><h3>
  
        {% if average_cvss > 6 %}
        <span class="danger">{{ average_cvss }} </span>
        {% elif average_cvss == 0 %}
        {{ average_cvss }}
        {% elif average_cvss >= 4 %}
        <span class="warning">{{ average_cvss }}</span>
        {% elif average_cvss < 4 %}
        <span class="success">{{ average_cvss }}</span>
        {% endif %}
        </h3></td>
      </tr>
      {% endif %}
      <tr>
        <td class="no_border"><h3> App Security Score:</h3></td>
        <td class="no_border">
        <h2> 
          {% if appsec.security_score < 30 %}
            <span class="danger">{{ appsec.security_score }}/100 (CRITICAL RISK)</span>
          {% elif appsec.security_score < 40 %}
            <span class="high">{{ appsec.security_score }}/100 (HIGH RISK)</span>
          {% elif appsec.security_score < 60 %}
            <span class="warning">{{ appsec.security_score }}/100 (MEDIUM RISK)</span>
          {% else %}
            <span class="success">{{ appsec.security_score }}/100 (LOW RISK)</span>
          {% endif %}
        </h2>
        </td>
      </tr>
      <tr>
        <td class="no_border"><h3> Grade:</h3></td>
        <td class="no_border">
        <h3> 
          <span class="grade" style="background: 
          {% if appsec.security_score < 30 %}
          #ff0018">F
          {% elif appsec.security_score < 40 %}
          #ffc107">C
          {% elif appsec.security_score < 60 %}
          #f4ff45">B
          {% else %}
          #28a745">A
          {% endif %}
          </span>
        </br>
        </h3>
        </td>
      </tr>
  {% endif %}
      {% if trackers|key:"trackers" %}
      <tr>
        <td class="no_border"><h3>Trackers Detection:</h3></td>
        <td class="no_border"><h3><span {% if trackers.detected_trackers > 0 %} class="warning" {% endif %}>{{ trackers.detected_trackers }}/{{ trackers.total_trackers }}</span></h3></td>
      </tr>
     {% endif %}
      {% if virus_total and virus_total.items|length > 9 and 'request successfully queued' not in virus_total.verbose_msg %}
        <tr>
        <td class="no_border"><h3>VirusTotal Detection:</h3></td>
        <td class="no_border"><h3><span class="{% if virus_total.positives > 0 %}danger{% else %}success{% endif %}"> {{ virus_total.positives }}/{{ virus_total.total }}</span></h3></td>
      </tr>
      {% endif %}
    </table>
{% if app_type not in 'Dylib,A' %}
  </br></br>
</br></br>
</br></br>
</br></br>
</br></br>
</br></br>
</br></br>
</br></br>
</br></br>
    <h2><i class="fas fa-chart-pie mr-1"></i> FINDINGS SEVERITY</h2>
    <table class="basic tbl-white">
      <tr>
        <th class="td-high"><i class="fas fa-bug"> </i> HIGH</th>
        <th class="td-warning"><i class="fas fa-exclamation-triangle"> </i> MEDIUM</th>
        <th class="td-info"><i class="fas fa-info"> </i> INFO</th>
        <th class="td-success"><i class="fas fa-check"></i> SECURE</th>
        <th class="td-secondary"><i class="fab fa-searchengin"></i> HOTSPOT</th>
      </tr>
      <tr>
        <td class="td-high"><h2>{{ appsec.high | length}}</h2></td>
        <td class="td-warning"><h2>{{ appsec.warning | length}}</h2></td>
        <td class="td-info"><h2>{{ appsec.info | length}}</h2></td>
        <td class="td-success"><h2>{{ appsec.secure | length}}</h2></td>
        <td class="td-secondary"><h2>{{ appsec.hotspot | length}}</h2></td>
      </tr>
    </table>
      </div>
    </article>
{% endif %}   
    <article id="contents">

      
      <h2><i class="fas fa-box-open"></i> FILE INFORMATION</h2>

      <h5>File Name:</h5> {{ file_name }}</br>
      <h5>Size: </h5> {{ size }}</br>
      <h5>MD5:</h5> {{ md5 }}</br>
      <h5>SHA1:</h5> {{ sha1 }}</br>
      <h5>SHA256:</h5> {{ sha256 }}</br>
     
{% if app_type not in 'Dylib,A' %}
      <h2><i class="fas fa-info"></i> APP INFORMATION</h2>

      <h5>App Name:</h5> {{ app_name }}</br>
      <h5>App Type:</h5> {{ app_type }}</br>
      <h5>Identifier:</h5> {{ bundle_id }}</br>
      <h5>SDK Name:</h5> {{ sdk_name }}</br>
      <h5>Version:</h5> {{ app_version }}</br>
      <h5>Build:</h5> {{ build }}</br>
      <h5>Platform Version:</h5> {{ platform }}</br>
      <h5>Min OS Version:</h5> {{ min_os_version }}</br>
      <h5>Supported Platforms:</h5> {% for pl in bundle_supported_platforms %} {{pl}}, {% endfor %}</br>
{% endif %}
     {% if binary_info %}
      <h2><i class="fas fa-ad"></i> BINARY INFORMATION </h2>

      <h5>Arch:</h5> {{ binary_info.arch }}</br>
      <h5>Sub Arch:</h5> {{ binary_info.subarch }}</br>
      <h5>Bit:</h5> {{ binary_info.bit }}</br>
      <h5>Endian:</h5> {{ binary_info.endian }}</br>
      
     {% endif %}

       {% if bundle_url_types|length > 0 %}
       <h2><i class="fas fa-hashtag"></i>CUSTOM URL SCHEMES</h2>
       <table class="basic">
                  <thead>
                      <tr>
                          <th>URL NAME</th>
                          <th>SCHEMES</th>
                      </tr>
                  </thead>
                  <tbody>

                    {% for scheme in bundle_url_types %}
                    <tr>
                      <td>
                           {{scheme | key:"CFBundleURLName" }}
                        {% if scheme|key:"CFBundleTypeRole" %}
                           <br>
                            {{scheme | key:"CFBundleTypeRole" }}
                        {% endif %}
                      </td>
                      <td>
                        {% if scheme|key:"CFBundleURLSchemes" %}
                        {% for ul in scheme.CFBundleURLSchemes %}
                           {{ul}} <br/>
                        {% endfor %}
                        {% endif %}
                      </td>
                    </tr>
                    {% endfor %}
                  </tbody>
              </table>
        {% endif %}

      {% if permissions %}
      <h2><i class="fa fa-list"></i> APPLICATION PERMISSIONS</h2>

            <table class="basic">
              <thead>
              <tr>
                <th>PERMISSIONS</th>
                <th>STATUS</th>
                <th>INFO</th>
                <th>REASON IN MANIFEST</th>
              </tr>
            </thead>
                <tbody>
                    {% for perm,desc in permissions.items %}
                    <tr>
                      <td>
                        {{ perm }}
                      </td>
                      <td>
                      {{ desc.status }}
                      </td>
                      <td>
                        {{ desc.info}}
                      </td>
                      <td>
                        {{ desc.description }}
                      </td>
                    </tr>
                    {% endfor %}
                  </tbody>
            </table>
      {% endif %}

       {% if ats_analysis  %}
      <h2><i class="fas fa-lock"></i> APP TRANSPORT SECURITY (ATS)</h2>
      {% if ats_analysis and 'ats_summary' in ats_analysis and ats_analysis.ats_summary|length > 0 %}
      <span class="danger">HIGH: </span>
      <h5 class="description-header">{{ ats_analysis.ats_summary.high }}</h5> | 
      <span class="warning"></i> WARNING: </span>
      <h5 class="description-header">{{ ats_analysis.ats_summary.warning }}</h5> |
      <span class="info">INFO: </span>
      <h5 class="description-header">{{ ats_analysis.ats_summary.info }}</h5> |
      <span class="success">SECURE: </span>
      <h5 class="description-header">{{ ats_analysis.ats_summary.secure }}</h5>
    {% endif %}</br>
       <table class="basic">
                   <thead>
                      <tr>
                        <th>NO</th>
                        <th>ISSUE</th>
                        <th>SEVERITY</th>
                        <th>DESCRIPTION</th>
                      </tr>
                  </thead>
                  <tbody>
                    {% if ats_analysis and 'ats_findings' in ats_analysis %}
                      {% for findings in ats_analysis.ats_findings %}
                        <tr>
                          <td>{{ forloop.counter }}</td>
                          <td>
                          {{findings.issue}}
                          <td>
                            {% if findings.severity == "high" %}
                            <span class="danger"> high</span>
                            {% elif findings.severity == "secure" %}
                            <span class="success"> secure</span>
                            {% elif findings.severity == "warning" %}
                            <span class="warning"> warning</span>
                            {% elif findings.severity == "info" %}
                            <span class="info"> info</span>
                            {% endif %}
                            </td>
                          <td>
                          {{findings.description}}
                          </td>
                        </tr>
                      {% endfor %}
                    {% endif %}
                  </tbody>
                    </table>
                  
        {% endif %}

{% if app_type not in 'Dylib,A' %} 
<!--
         {% if file_analysis %}
      <h2><i class="fa fa-file"></i> FILE ANALYSIS</h2>
                <table class="basic">
                   <thead>
                      <tr>
                          <th>ISSUE</th>
                          <th>FILES</th>
                      </tr>
                  </thead>
                  <tbody>
                    {% for item in file_analysis %}
                    <tr>
                      <td>
                        {{ item.issue }}
                      </td>
                      <td>
                        {% for file in item.files %}
                          {{ file.file_path }}
                          <br/>
                        {% endfor %}
                      </td>
                  
                    </tr>
                    {% endfor %}
                  </tbody>
		</table>
      {% endif %}
-->
{% endif %}
        {% if virus_total and virus_total.items|length > 9 and 'request successfully queued' not in virus_total.verbose_msg %}
       <h2><i class="fas fa-spider"></i> VIRUSTOTAL SCAN</h2>
       <p> <h5>{{ virus_total.positives }} / {{ virus_total.total }}</h5> &nbsp; AVs found this file Malicious! </p>
            {% if virus_total.positives %}
          
                    <table class="basic">
                                    <thead>
                                        <tr>
                                            <th>AV</th>
                                            <th>DETECTION</th>
                                        </tr>
                                    </thead>
                                    <tbody>
                                    {% for av_name,av_result in virus_total.scans.items %}
                                        {% if av_result.detected == True %}
                                            <tr>
                                                <td>
                                                    {{ av_name }}
                                                </td>
                                                <td>
                                                    <span class="danger">{{ av_result.result }}</span>
                                                </td>
                                          </tr>
                                        {% endif %}
                                    {% endfor %}
                               </tbody>
                    </table>
            {% endif %}
      {% endif %}
      
      {% if binary_analysis  %}
      <h2><i class="fas fa-code"></i> {% if app_type not in 'Dylib,A' %}IPA {% endif %}BINARY CODE ANALYSIS</h2>
      {% if binary_analysis and 'summary' in binary_analysis and binary_analysis.summary|length > 0 %}
      <span class="danger">HIGH: </span>
      <h5 class="description-header">{{ binary_analysis.summary.high }}</h5> | 
      <span class="warning"></i> WARNING: </span>
      <h5 class="description-header">{{ binary_analysis.summary.warning }}</h5> |
      <span class="info">INFO: </span>
      <h5 class="description-header">{{ binary_analysis.summary.info }}</h5> |
      <span class="success">SECURE: </span>
      <h5 class="description-header">{{ binary_analysis.summary.secure }}</h5> |
      <span class="disabled">SUPPRESSED: </span>
      <h5 class="description-header">{{ binary_analysis.summary.suppressed }}</h5>
    {% endif %}</br>
       <table class="basic">
                  <thead>
                      <tr>
                          <th>NO</th>
                          <th>ISSUE</th>
                          <th>SEVERITY</th>
                          <th>STANDARDS</th>
                          <th>DESCRIPTION</th>

                      </tr>
                  </thead>
                     <tbody>
                   {% if binary_analysis and 'findings' in binary_analysis %}
                   {% for issue, details in binary_analysis.findings.items %}
                    <tr>
                      <td>{{ forloop.counter }}</td>
                      <td>
                        {{ issue }}
                      </td>
                      <td>
                        {% if details|key:"severity" == 'info' %}
                          <span class='info'>info</span>
                        {% elif details|key:"severity" == 'good' %}
                          <span class='success'>secure</span>
                        {% elif details|key:"severity" == 'high' %}
                          <span class='danger'>high</span>
                        {% elif details|key:"severity" == 'warning' %}
                          <span class='warning'>warning</span>
                        {% endif %}
                      </td>
                      <td>
                        {% if average_cvss %}
                          <h5>CVSS V2:</h5>
                          {% if details|key:"cvss" > 6 %}
                          <span class="danger">{{ details|key:"cvss" }} (high)</span>
                          {% elif details|key:"cvss" == 0 %}
                          <span class="info">{{ details|key:"cvss" }} (info)</span>
                          {% elif details|key:"cvss" >= 4 %}
                          <span class="warning">{{ details|key:"cvss" }} (medium)</span>
                          {% elif details|key:"cvss" < 4 %}
                          <span class="success">{{ details|key:"cvss" }} (low)</span>
                          {% endif %}
                          </br>
                        {% endif %}
                        {% if details|key:"cwe" %}<h5>CWE: </h5>{{ details|key:"cwe" }}{% endif %}
                        {% if details|key:"owasp-mobile" %}</br> <h5>OWASP Top 10: </h5>{{ details|key:"owasp-mobile" }}{% endif %}
                        {% if details|key:"masvs" %}</br> <h5>OWASP MASVS: </h5>{{ details|key:"masvs" }}{% endif %}
                       </td>
                      <td>
                        {{ details|key:"detailed_desc" }}
                      </td>
                    </tr>
                    {% endfor %}
                    {% endif %}
                 </tbody>
                    </table>
               
        {% endif %}
        {% if macho_analysis  %}
      <h2><i class="fa fa-braille"></i> IPA BINARY ANALYSIS</h2>
       <table class="basic">
                  <thead>
                    <tr>
                      <th>PROTECTION</th>
                      <th>STATUS</th>
                      <th>SEVERITY</th>
                      <th>DESCRIPTION</th>
                     </tr>
                  </thead>
                  <tbody>
                    {% if not macho_analysis %}
                      Binary Analysis Failed.
                    {% else %}
                    <tr>
                      <td><b>NX</b></td>
                      <td>{{macho_analysis.nx.has_nx}}</td>
                      <td><span class="{% if macho_analysis.nx.severity == 'high' %}danger{% elif macho_analysis.nx.severity == 'warning' %}warning{% else %}info{% endif %}">{{macho_analysis.nx.severity}}</span></td>
                      <td>{{macho_analysis.nx.description}}</td>
                    </tr>
                    <tr>
                      <td><b>PIE</b></td>
                      <td>{{macho_analysis.pie.has_pie}}</td>
                      <td><span class="{% if macho_analysis.pie.severity == 'high' %}danger{% elif macho_analysis.pie.severity == 'warning' %}warning{% else %}info{% endif %}">{{macho_analysis.pie.severity}}</span></td>
                      <td>{{macho_analysis.pie.description}}</td>
                    </tr>
                    <tr>
                      <td><b>STACK CANARY</b></td>
                      <td>{{macho_analysis.stack_canary.has_canary}}</td>
                      <td><span class="{% if macho_analysis.stack_canary.severity == 'high' %}danger{% elif macho_analysis.stack_canary.severity == 'warning' %}warning{% else %}info{% endif %}">{{macho_analysis.stack_canary.severity}}</span></td>
                      <td>{{macho_analysis.stack_canary.description}}</td>
                    </tr>
                    <tr>
                      <td><b>ARC</b></td>
                      <td>{{macho_analysis.arc.has_arc}}</td>
                      <td><span class="{% if macho_analysis.arc.severity == 'high' %}danger{% elif macho_analysis.arc.severity == 'warning' %}warning{% else %}info{% endif %}">{{macho_analysis.arc.severity}}</span></td>
                      <td>{{macho_analysis.arc.description}}</td>
                    </tr>
                    <tr>
                      <td><b>RPATH</b></td>
                      <td>{{macho_analysis.rpath.has_rpath}}</td>
                      <td><span class="{% if macho_analysis.rpath.severity == 'high' %}danger{% elif macho_analysis.rpath.severity == 'warning' %}warning{% else %}info{% endif %}">{{macho_analysis.rpath.severity}}</span></td>
                      <td>{{macho_analysis.rpath.description}}</td>
                    </tr>
                    <tr>
                      <td><b>CODE SIGNATURE</b></td>
                      <td>{{macho_analysis.code_signature.has_code_signature}}</td>
                      <td><span class="{% if macho_analysis.code_signature.severity == 'high' %}danger{% elif macho_analysis.code_signature.severity == 'warning' %}warning{% else %}info{% endif %}">{{macho_analysis.code_signature.severity}}</span></td>
                      <td>{{macho_analysis.code_signature.description}}</td>
                    </tr>
                    <tr>
                      <td><b>ENCRYPTED</b></td>
                      <td>{{macho_analysis.encrypted.is_encrypted}}</td>
                      <td><span class="{% if macho_analysis.encrypted.severity == 'high' %}danger{% elif macho_analysis.encrypted.severity == 'warning' %}warning{% else %}info{% endif %}">{{macho_analysis.encrypted.severity}}</span></td>
                      <td>{{macho_analysis.encrypted.description}}</td>
                    </tr>
                    <tr>
                      <td><b>SYMBOLS STRIPPED</b></td>
                      <td>{{macho_analysis.symbol.is_stripped}}</td>
                      <td><span class="{% if macho_analysis.symbol.severity == 'high' %}danger{% elif macho_analysis.symbol.severity == 'warning' %}warning{% else %}info{% endif %}">{{macho_analysis.symbol.severity}}</span></td>
                      <td>{{macho_analysis.symbol.description}}</td>
                    </tr>
                    {% endif %}
                </tbody>
                    </table>
        {% endif %}
  {% if app_type not in 'A' %}
    {% if dylib_analysis or framework_analysis %}
        <h2><i class="fa fa-flag"></i> DYNAMIC LIBRARY & FRAMEWORK BINARY ANALYSIS</h2>
        <table class="basic">
                <thead>
                    <tr>
                        <th>NO</th>
                        <th>DYLIB/FRAMEWORK</th>
                        <th>NX</th>
                        <th>STACK CANARY</th>
                        <th>ARC</th>
                        <th>RPATH</th>
                        <th>CODE SIGNATURE</th>
                        <th>ENCRYPTED</th>
                        <th>SYMBOLS STRIPPED</th>
                    </tr>
                </thead>
                <tbody>
          {% for dy in dylib_analysis %}
          <tr>
            <td>{{ forloop.counter }}</td>
            <td>{{dy.name | relative_path}}</td>
            <td><b>{{dy.nx.has_nx}}</b>
              <br/>
              <span class="{% if dy.nx.severity == 'high' %}danger{% elif dy.nx.severity == 'warning' %}warning{% else %}info{% endif %}">{{dy.nx.severity}}</span><br/>
              <br/>{{dy.nx.description}}</td>
            <td><b>{{dy.stack_canary.has_canary}}</b>
                <br/>
                <span class="{% if dy.stack_canary.severity == 'high' %}danger{% elif dy.stack_canary.severity == 'warning' %}warning{% else %}info{% endif %}">{{dy.stack_canary.severity}}</span><br/>
                <br/>{{dy.stack_canary.description}}</td>
            <td><b>{{dy.arc.has_arc}}</b>
              <br/>
              <span class="{% if dy.arc.severity == 'high' %}danger{% elif dy.arc.severity == 'warning' %}warning{% else %}info{% endif %}">{{dy.arc.severity}}</span><br/>
              <br/>{{dy.arc.description}}</td>
            <td><b>{{dy.rpath.has_rpath}}</b>
              <br/>
              <span class="{% if dy.rpath.severity == 'high' %}danger{% elif dy.rpath.severity == 'warning' %}warning{% else %}info{% endif %}">{{dy.rpath.severity}}</span><br/>
              <br/>{{dy.rpath.description}}</td>
            <td><b>{{dy.code_signature.has_code_signature}}</b>
                <br/>
                <span class="{% if dy.code_signature.severity == 'high' %}danger{% elif dy.code_signature.severity == 'warning' %}warning{% else %}info{% endif %}">{{dy.code_signature.severity}}</span><br/>
                <br/>{{dy.code_signature.description}}</td>
            <td><b>{{dy.encrypted.is_encrypted}}</b>
                <br/>
                <span class="{% if dy.encrypted.severity == 'high' %}danger{% elif dy.encrypted.severity == 'warning' %}warning{% else %}info{% endif %}">{{dy.encrypted.severity}}</span><br/>
                <br/>{{dy.encrypted.description}}</td>
            <td><b>{{dy.symbol.is_stripped}}</b>
              <br/>
              <span class="{% if dy.symbol.severity == 'high' %}danger{% elif dy.symbol.severity == 'warning' %}warning{% else %}info{% endif %}">{{dy.symbol.severity}}</span><br/>
              <br/>{{dy.symbol.description}}</td>
          </tr>
          {% endfor %}
          {% for frm in framework_analysis %}
      <tr>
        <td>{{ forloop.counter }}</td>
        <td>{{frm.name}}</td>
        <td><b>{{frm.nx.has_nx}}</b>
          <br/>
          <span class="{% if frm.nx.severity == 'high' %}danger{% elif frm.nx.severity == 'warning' %}warning{% else %}info{% endif %}">{{frm.nx.severity}}</span><br/>
          <br/>{{frm.nx.description}}</td>
        <td><b>{{frm.stack_canary.has_canary}}</b>
            <br/>
            <span class="{% if frm.stack_canary.severity == 'high' %}danger{% elif frm.stack_canary.severity == 'warning' %}warning{% else %}info{% endif %}">{{frm.stack_canary.severity}}</span><br/>
            <br/>{{frm.stack_canary.description}}</td>
        <td><b>{{frm.arc.has_arc}}</b>
          <br/>
          <span class="{% if frm.arc.severity == 'high' %}danger{% elif frm.arc.severity == 'warning' %}warning{% else %}info{% endif %}">{{frm.arc.severity}}</span><br/>
          <br/>{{frm.arc.description}}</td>
        <td><b>{{frm.rpath.has_rpath}}</b>
          <br/>
          <span class="{% if frm.rpath.severity == 'high' %}danger{% elif frm.rpath.severity == 'warning' %}warning{% else %}info{% endif %}">{{frm.rpath.severity}}</span><br/>
          <br/>{{frm.rpath.description}}</td>
        <td><b>{{frm.code_signature.has_code_signature}}</b>
            <br/>
            <span class="{% if frm.code_signature.severity == 'high' %}danger{% elif frm.code_signature.severity == 'warning' %}warning{% else %}info{% endif %}">{{frm.code_signature.severity}}</span><br/>
            <br/>{{frm.code_signature.description}}</td>
        <td><b>{{frm.encrypted.is_encrypted}}</b>
            <br/>
            <span class="{% if frm.encrypted.severity == 'high' %}danger{% elif frm.encrypted.severity == 'warning' %}warning{% else %}info{% endif %}">{{frm.encrypted.severity}}</span><br/>
            <br/>{{frm.encrypted.description}}</td>
        <td><b>{{frm.symbol.is_stripped}}</b>
          <br/>
          <span class="{% if frm.symbol.severity == 'high' %}danger{% elif frm.symbol.severity == 'warning' %}warning{% else %}info{% endif %}">{{frm.symbol.severity}}</span><br/>
          <br/>{{frm.symbol.description}}</td>
      </tr>
      {% endfor %}
                  </tbody>
                  </table>
    {% endif %}
  {% endif %}
<!--static library-->
{% if app_type in 'A' %}
  <h2><i class="fa fa-flag"></i> STATIC LIBRARY BINARY ANALYSIS</h2>
  {% if binary_info.arch == 'MachO' %}

            <table class="basic">
              <thead>
                  <tr>
                      <th>NO</th>
                      <th>STATIC OBJECT</th>
                      <th>NX</th>
                      <th>STACK CANARY</th>
                      <th>ARC</th>
                      <th>RPATH</th>
                      <th>SYMBOLS STRIPPED</th>
                  </tr>
              </thead>
              <tbody>
          {% if not dylib_analysis %}
          No Static Objects found.
          {% endif %}
          {% for dy in dylib_analysis %}
          <tr>
          <td>{{ forloop.counter }}</td>
          <td>{{dy.name}}</td>
          <td><b>{{dy.nx.has_nx}}</b>
            <br/>
            <span class="{% if dy.nx.severity == 'high' %}danger{% elif dy.nx.severity == 'warning' %}warning{% else %}info{% endif %}">{{dy.nx.severity}}</span>
            <br/>{{dy.nx.description}}</td>
          <td><b>{{dy.stack_canary.has_canary}}</b>
              <br/>
              <span class="{% if dy.stack_canary.severity == 'high' %}danger{% elif dy.stack_canary.severity == 'warning' %}warning{% else %}info{% endif %}">{{dy.stack_canary.severity}}</span>
              <br/>{{dy.stack_canary.description}}</td>
          <td><b>{{dy.arc.has_arc}}</b>
            <br/>
            <span class="{% if dy.arc.severity == 'high' %}danger{% elif dy.arc.severity == 'warning' %}warning{% else %}info{% endif %}">{{dy.arc.severity}}</span>
            <br/>{{dy.arc.description}}</td>
          <td><b>{{dy.rpath.has_rpath}}</b>
            <br/>
            <span class="{% if dy.rpath.severity == 'high' %}danger{% elif dy.rpath.severity == 'warning' %}warning{% else %}info{% endif %}">{{dy.rpath.severity}}</span>
            <br/>{{dy.rpath.description}}</td>
          <td><b>{{dy.symbol.is_stripped}}</b>
            <br/>
            <span class="{% if dy.symbol.severity == 'high' %}danger{% elif dy.symbol.severity == 'warning' %}warning{% else %}info{% endif %}">{{dy.symbol.severity}}</span>
            <br/>{{dy.symbol.description}}</td>
          </tr>
          {% endfor %}
                </tbody>
                </table>
  {% else %}

          <table class="basic">
            <thead>
                <tr>
                    <th>NO</th>
                    <th>SHARED OBJECT</th>
                    <th>NX</th>
                    <th>STACK CANARY</th>
                    <th>RPATH</th>
                    <th>RUNPATH</th>
                    <th>FORTIFY</th>
                    <th>SYMBOLS STRIPPED</th>
                </tr>
            </thead>
            <tbody>
        {% if not dylib_analysis %}
        No Static Objects found.
        {% endif %}
        {% for so in dylib_analysis %}
        <tr>
        <td>{{ forloop.counter }}</td>
        <td>{{so.name}}</td>
        <td><b>{{so.nx.is_nx}}</b>
          <br/>
          <span class="{% if so.nx.severity == 'high' %}danger{% elif so.nx.severity == 'warning' %}warning{% else %}info{% endif %}">{{so.nx.severity}}</span>
          <br/>{{so.nx.description}}</td>
        <td><b>{{so.stack_canary.has_canary}}</b>
            <br/>
            <span class="{% if so.stack_canary.severity == 'high' %}danger{% elif so.stack_canary.severity == 'warning' %}warning{% else %}info{% endif %}">{{so.stack_canary.severity}}</span>
            <br/>{{so.stack_canary.description}}</td>
        <td><b>{{so.rpath.rpath}}</b>
          <br/>
          <span class="{% if so.rpath.severity == 'high' %}danger{% elif so.rpath.severity == 'warning' %}warning{% else %}info{% endif %}">{{so.rpath.severity}}</span>
          <br/>{{so.rpath.description}}</td>
        <td><b>{{so.runpath.runpath}}</b>
          <br/>
          <span class="{% if so.runpath.severity == 'high' %}danger{% elif so.runpath.severity == 'warning' %}warning{% else %}info{% endif %}">{{so.runpath.severity}}</span>
          <br/>{{so.runpath.description}}</td>
        <td><b>{{so.fortify.is_fortified}}</b>
          <br/>
          <span class="{% if so.fortify.severity == 'high' %}danger{% elif so.fortify.severity == 'warning' %}warning{% else %}info{% endif %}">{{so.fortify.severity}}</span>
          <br/>{{so.fortify.description}}</td>
        <td><b>{{so.symbol.is_stripped}}</b>
          <br/>
          <span class="{% if so.symbol.severity == 'high' %}danger{% elif so.symbol.severity == 'warning' %}warning{% else %}info{% endif %}">{{so.symbol.severity}}</span>
          <br/>{{so.symbol.description}}</td>
        </tr>
        {% endfor %}
              </tbody>
              </table>

  {% endif %}
<!-- ===========================end a analysis ================================== -->
{% endif %}
<!-- end static library-->


    {% if app_type not in 'Dylib,A' %}
    {% if code_analysis  %}
      <h2><i class="fas fa-code"></i> CODE ANALYSIS</h2>
      {% if code_analysis and 'summary' in code_analysis and code_analysis.summary|length > 0 %}
      <span class="danger">HIGH: </span>
      <h5 class="description-header">{{ code_analysis.summary.high }}</h5> | 
      <span class="warning"></i> WARNING: </span>
      <h5 class="description-header">{{ code_analysis.summary.warning }}</h5> |
      <span class="info">INFO: </span>
      <h5 class="description-header">{{ code_analysis.summary.info }}</h5> |
      <span class="success">SECURE: </span>
      <h5 class="description-header">{{ code_analysis.summary.secure }}</h5> |
      <span class="disabled">SUPPRESSED: </span>
      <h5 class="description-header">{{ code_analysis.summary.suppressed }}</h5>
    {% endif %}</br>
       <table class="basic">
                <thead>
                    <tr>
                        <th>NO</th>
                        <th>ISSUE</th>
                        <th>SEVERITY</th>
                        <th>STANDARDS</th>
                        <th>FILES</th>
                    </tr>
                </thead>
                <tbody>
                  {% if code_analysis and 'findings' in code_analysis %}
									 {% for rule, details in code_analysis.findings.items %}
                  <tr>
                  <td>{{ forloop.counter }}</td>
                  <td width="25%">
                    {% if details.metadata|key:"ref" %}
                    <a href="{{details.metadata.ref}}" target="_blank" rel="noopener"> {{ details.metadata.description }}</a>
                    {% else %}
                      {{ details.metadata.description }}
                    {% endif %}
                  </td>
                  <td>
                    {% if details.metadata.severity == "high" %}
                      <span class="danger">high</span>
                      {% elif details.metadata.severity == "good" %}
                      <span class="success">secure</span>
                      {% elif details.metadata.severity == "warning" %}
                      <span class="warning">warning</span>
                      {% elif details.metadata.severity == "info" %}
                      <span class="info">info</span>
                      {% endif %}
                  </td>
                  <td>
                    {% if average_cvss %}
                      <h5>CVSS V2:</h5>
                      {% if details.metadata.cvss > 6 %}
                      <span class="danger">{{ details.metadata.cvss }} (high)</span>
                      {% elif details.metadata.cvss == 0 %}
                      <span class="info">{{ details.metadata.cvss }} (info)</span>
                      {% elif details.metadata.cvss >= 4 %}
                      <span class="warning">{{ details.metadata.cvss }} (medium)</span>
                      {% elif details.metadata.cvss < 4 %}
                      <span class="success">{{ details.metadata.cvss }} (low)</span>
                      {% endif %}
                      </br>
                    {% endif %}
                    {% if details.metadata.cwe %}<strong>CWE: </strong>{{details.metadata.cwe }}{% endif %}
                    {% if details.metadata|key:"owasp-mobile" %}</br> <strong>OWASP Top 10: </strong>{{ details.metadata|key:"owasp-mobile" }}{% endif %}
                    {% if details.metadata.masvs %}</br> <strong>OWASP MASVS: </strong>{{ details.metadata.masvs  }}{% endif %}
                  </td>
                  <td style="word-break:break-all;">
                  {% for file_path in details.files %}
                   {{ file_path }}
                  </br>
                  {% endfor %}
                  </td>
                </tr>    
              {% endfor %}
              {% endif %}
              </tbody>
              </table>
                   
      {% endif %}
    {% endif %}
    {% if firebase_urls %} 
    <h2><i class="fas fa-database"></i> FIREBASE DATABASES ANALYSIS</h2>
          <table class="basic">
                <thead>
                <tr>
                  <th>TITLE</th>
                  <th>SEVERITY</th>
                  <th>DESCRIPTION</th>
                </tr>
              </thead>
          <tbody>
                {% for find in firebase_urls %}
                <tr>
                  <td>{{ find.title }}</td>
                  <td>
                  {% if find.severity == 'high' %}
                  <span class="danger">high</span>
                  {% elif find.severity  == 'secure' %}
                    <span class="success">secure</span>
                  {% elif find.severity  == 'warning' %}
                    <span class="warning">warning</span>
                  {% elif find.severity  == 'info' %}
                  <span class="info">info</span>
                  {% endif %}
                  </td>
                  <td>{{ find.description }}</td>
                  </tr>
                {% endfor %} 
                  </tbody>
                  </table>
      {% endif %}
      {% if domains  %}

      <h2><i class="fa fa-exclamation"></i> OFAC SANCTIONED COUNTRIES</h2>
      <p>This app may communicate with the following OFAC sanctioned list of countries.</p>
      <table id="table_ofac" class="table table-bordered table-hover table-striped">
           <thead>
           <tr>
              <th>DOMAIN</th>
              <th>COUNTRY/REGION</th>
           </tr>
          </thead>
          <tbody>
          {% for domain, details in domains.items %}
          {% if details|key:"ofac" == True %}
           <tr><td>{{domain}}</td>
           <td>
             <strong>IP: </strong>{{details|key:"geolocation"|key:"ip"}}  <br/>
             <strong>Country: </strong>{{details|key:"geolocation"|key:"country_long"}} <br/>
             <strong>Region: </strong>{{details|key:"geolocation"|key:"region"}} <br/>
             <strong>City: </strong>{{details|key:"geolocation"|key:"city"}} <br/>
           </td>
           </tr>
           {% endif %}
           {% endfor %}
         </tbody>
     </table>
     
      <h2><i class="fab fa-searchengin"></i> DOMAIN MALWARE CHECK</h2>
         <table  class="basic">
                  <thead>
                  <tr>
                     <th>DOMAIN</th>
                     <th>STATUS</th>
                     <th>GEOLOCATION</th>
                  </tr>
                 </thead>
                 <tbody>
                 {% for domain, details in domains.items %}
                  <tr><td>{{domain}}</td><td> 

                    {% if details|key:"bad" == "yes" %}
                    <span class="danger">malware</span><br/>
             
                      <h5>URL: </h5> {{details|key:"domain_or_url"}}
                      <h5>IP: </h5> <span class="danger">{{details|key:"ip"}}</span>
                      <h5>Description: </h5> {{details|key:"desc"}}
                   
                  {% else %}
                    <span class="success">ok</span><br/>
                  {% endif %}
                  </td>
                  <td>
                    {% if details|key:"geolocation" %}
                
                      <h5>IP: </h5> {{details|key:"geolocation"|key:"ip"}}  <br/>
                      <h5>Country: </h5> {{details|key:"geolocation"|key:"country_long"}} <br/>
                      <h5>Region: </h5> {{details|key:"geolocation"|key:"region"}} <br/>
                      <h5>City: </h5> {{details|key:"geolocation"|key:"city"}} <br/>
                      <h5>Latitude: </h5> {{details|key:"geolocation"|key:"latitude"}} <br/>
                      <h5>Longitude: </h5> {{details|key:"geolocation"|key:"longitude"}} <br/>
                      <h5>View: </h5> <a target="_blank" href="http://maps.google.com/maps?q={{details|key:"geolocation"|key:"latitude"}},{{details|key:"geolocation"|key:"longitude"}}">Google Map</a>
                    {% else %}
                    No Geolocation information available.
                    {% endif %}
                  </td>
                  </tr>
                  {% endfor %}
                </tbody>
            </table>
      {% endif %}

<!-- Display urls only for dylib files-->
{% if app_type in 'Dylib,A' %}
       {% if urls %} 
      <h2><i class="fas fa-globe"></i> URLS </h2>
      <table class="basic">
                  <thead>
                  <tr>
                     <th>URL</th>
                     <th>FILE</th>
                  </tr>
                 </thead>
                  <tbody>
									{% for urldict in urls %}
                    <tr>
                       <td style="word-break:break-all;">
                       {% for u in urldict|key:"urls" %}
                         {{ u }} </br>
                       {% endfor %}
                        </td>
                       <td width="35%" style="word-break:break-all;">
                         {{urldict|key:"path"}}
                       </td>
                    </tr>
                  {% endfor %} 
										</tbody>
										</table>
        {% endif %}
{% endif %}
      {% if emails %}
      <h2><i class="fas fa-envelope"></i> EMAILS</h2>
          <table class="basic">
                  <thead>
                  <tr>
                     <th>EMAIL</th>
                     <th>FILE</th>
                  </tr>
                 </thead>
                  <tbody>
									{% for email_dict in emails %}
                    <tr>
                       <td style="word-break:break-all;">
                       {% for em in email_dict|key:"emails" %}
                         {{ em }} </br>
                       {% endfor %}
                        </td>

                       <td style="word-break:break-all;">
                         {{email_dict|key:"path"}}
                       </td>
                    </tr>
                  {% endfor %} 
										</tbody>
										</table>
      {% endif %}

      {% if trackers|key:"trackers" %}
      <h2><i class="fas fa-user-secret"></i> TRACKERS</h2>
       <table class="basic">
            <thead>
                <tr>
                    <th>TRACKER</th>
                    <th>CATEGORIES</th>
                    <th>URL</th>
                </tr>
            </thead>
          
            <tbody>
              {% for trk in trackers|key:"trackers" %}
              <tr>
                <td>
                  {{trk.name}}
                </td>
                <td>
                  {{trk.categories}}
                </td>
                <td>
                  <a target="_blank" href="{{trk.url}}" rel="noopener noreferrer">{{trk.url}}</a>
                </td>
              </tr>
              {% endfor %}
            </tbody>
        </table>
         {% endif %}
  
    {% if secrets %}
      <h2><i class="fas fa-key"></i> HARDCODED SECRETS</h2>
          <table class="basic">
                  <thead>
                  <tr>
                    <th>POSSIBLE SECRETS</th>
                  </tr>
                </thead>
                  <tbody>
                  {% for sec in secrets %}
                    <tr>
                      <td style="word-break:break-all;">
                      {{ sec }}
                        </td>
                    </tr>
                  {% endfor %} 
                    </tbody>
                    </table>
      {% endif %}

    <!--Only for dylib-->
    {% if app_type in 'Dylib,A' %}
    <h2><i class="fa fa-th"></i> SYMBOLS</h2>
        <table class="basic">
                <tbody>
                {% for val in file_analysis %}
                  <tr>
                    <td style="word-break:break-all;">
                    {{ val }}
                      </td>
                  </tr>
                {% endfor %} 
                  </tbody>
                  </table>
    {% endif %}

    {% if app_type not in 'Dylib,A' %}
    {% if not appstore_details.error %}
    <h2><i class="fab fa-app-store-ios"></i> APP STORE INFORMATION </h2>

                  <p>                                       
                    <h5>Title:</h5> 
                    {{ appstore_details.title }}
                  </p>
                  <p>                                       
                    <h5>Score:</h5> 
                   {{ appstore_details.score}}

                   <h5>Features:</h5> 
                    {% for fea in appstore_details.features %}
                      {{ fea }}, 
                    {% endfor %}

                   <h5>Price:</h5> 
                      {{ appstore_details.price }}

                   <h5>Category:</h5> 
                     {% for cat in appstore_details.category %}
                        {{ cat }}, 
                    {% endfor %}
                   </br>
                    <h5>App Store URL:</h5> 
		                <a target="_blank" href="{{ appstore_details.itunes_url }}" rel="noopener noreferrer">{{ appstore_details.app_id }} </a>
                
                  </p>
		          <p>
                  <h5>Developer:</h5> 
                    {{appstore_details.developer}}  <br/>
		          <h5>Developer ID:</h5> 
                   {{appstore_details.developer_id}}  <br/>
                   <h5>Developer Website:</h5> 
                   {{appstore_details.developer_website }} <br/>
                   <h5>Developer URL:</h5> 
                   {{appstore_details.developer_url}} <br/>
                   <h5>Supported Devices</h5>
                   {% for dev in appstore_details.supported_devices %}
                      {{ dev }}, 
                      {% endfor %}
                    <br/>              
		            </p>
                 <p>                                     
                    <h5>Description:</h5> 
                    <p>{{ appstore_details.description }}</p>
                  </p>
       {% endif %}
    {% endif %}
    <h2><i class="fas fa-list"></i> SCAN LOGS</h2>
    <table id="scan_logs" class="basic">
      <tr>
          <th>Timestamp</th>
          <th>Event</th>
          <th>Error</th>
      </tr>
  <tbody>
    {% for log in logs %}
    <tr>
      <td>
        {{log.timestamp}}
      </td>
      <td>
        {{log.status}}
      </td>
      <td>
        {% if not log.exception %}
        <p class="text-success">
          OK
        </p>
        {% else %}
        <p class="text-danger">
        {{log.exception}}
         </p>
        {% endif %}
      </td>
    </tr>
    {% endfor %}
  </tbody>
  </table>
    </article>
    <article id="columns">
      </br>
      <hr>
      <h3>Report Generated by - MobSF {{ version }} </h3>
      <section>
        <p>
          Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
        </p>
        <p>
        <strong>© {% now "Y" %} Mobile Security Framework - MobSF | <a href="https://ajinabraham.com">Ajin Abraham</a> | <a href="https://opensecurity.in">OpenSecurity</a>.</strong>
      </p>
      </section>
    </article>
  </body>
</html>
{% endblock %}
